openSAFETY is a communications protocol used to transmit information that is crucial for the safe operation of machinery in manufacturing lines, process plants, or similar industrial environments. Such information may be, for example, an alert signal triggered when someone or something has breached a light curtain on a factory floor. While traditional safety solutions rely on dedicated communication lines connecting machinery and control systems via special relays, openSAFETY does not need any extra cables reserved for safety-related information. It is a bus-based protocol that allows safety data to be passed over existing Industrial Ethernet connections between end devices and higher-level automation systems – connections principally established and used for regular monitoring and control purposes. Unlike other bus-based safety protocols that are suitable for use only with a single or a few specific Industrial Ethernet implementations and are incompatible with other systems, openSAFETY works with a wide range of different Industrial Ethernet variants.
openSAFETY is certified according to IEC 61508[1] and meets the requirements of SIL 3 applications. The protocol has been approved by national IEC committees representing over two dozen countries around the world, and has been released for international standardization in IEC 61784-3 FSCP 13[2].[3]
openSAFETY supports functional features to enable fast data transfer such as direct communication between nodes on a network (cross-traffic) as well as a range of measures needed to ensure data integrity and accuracy, e.g. time stamps, unique data packet identifiers, and others.[4] One particularly notable characteristic is openSAFETY's encapsulation of safety data within an Ethernet frame[5]: two subframes, each being an identical duplicate of the other, are combined to form the full safety frame. Each of the subframes is secured by its own checksum, which in effect provides multiple safeguards and levels of redundancy to ensure any distortions of safety data or other types of faults cannot go unnoticed.[6]
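The receiver-side checks implied by this frame structure, as an added example that is not part of the original article or of the openSAFETY code base. The subframe layout, field sizes and CRC-16 variant are simplifying assumptions, not the openSAFETY wire format.

```python
import binascii
import struct

# Assumed, simplified subframe layout (NOT the openSAFETY wire format):
#   packet id (2 bytes) | time stamp (2 bytes) | length (1 byte) | payload | CRC-16 (2 bytes)
HEADER = struct.Struct(">HHB")

def build_subframe(packet_id, timestamp, payload):
    body = HEADER.pack(packet_id, timestamp, len(payload)) + payload
    return body + struct.pack(">H", binascii.crc_hqx(body, 0xFFFF))

def build_frame(packet_id, timestamp, payload):
    sub = build_subframe(packet_id, timestamp, payload)
    return sub + sub  # full safety frame: two identical subframes

def parse_subframe(buf):
    """Return ((id, time stamp, payload), bytes consumed) or raise ValueError."""
    if len(buf) < HEADER.size + 2:
        raise ValueError("truncated subframe")
    packet_id, timestamp, length = HEADER.unpack_from(buf)
    end = HEADER.size + length
    if len(buf) < end + 2:
        raise ValueError("truncated payload")
    (crc,) = struct.unpack_from(">H", buf, end)
    if binascii.crc_hqx(buf[:end], 0xFFFF) != crc:
        raise ValueError("checksum mismatch")
    return (packet_id, timestamp, buf[HEADER.size:end]), end + 2

def validate_frame(frame, expected_id, last_timestamp):
    """Return (payload, "ok") only if every check passes, else (None, reason)."""
    try:
        first, used = parse_subframe(frame)
        second, used2 = parse_subframe(frame[used:])
    except ValueError as exc:
        return None, str(exc)
    if used + used2 != len(frame):
        return None, "trailing data"
    if first != second:  # both checksums valid, yet the copies disagree
        return None, "subframes differ"
    packet_id, timestamp, payload = first
    if packet_id != expected_id:
        return None, "unexpected packet identifier"
    if timestamp <= last_timestamp:  # counter wrap-around ignored for brevity
        return None, "stale or repeated time stamp"
    return payload, "ok"
```

A receiver built this way fails safe: any rejected frame yields no payload, so the application can fall back to its safe state instead of acting on doubtful data.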
In contrast to all other bus-based safety solutions on the market, which were created to complement a specific Industrial Ethernet protocol or family of bus systems, openSAFETY was designed for general interoperability. Though openSAFETY was conceived by the Ethernet POWERLINK Standardization Group (EPSG) and originally developed as a safety companion to that organization’s own Industrial Ethernet variant, POWERLINK, the safety protocol is no longer bound to POWERLINK. Instead, it can be used with various major Industrial Ethernet implementations, namely PROFINET, SERCOS III, EtherNet/IP, Modbus-TCP, and POWERLINK.[7] This broad compatibility with about 90% of the installed base of Industrial Ethernet installations in 2010[8] is achieved because openSAFETY operates only on the topmost (application) layer of the network, where safety data can be transferred irrespective of specific network characteristics that may differ from one underlying bus system to another. This approach is commonly known as black channel operation in communication protocol engineering.[9]
openSAFETY is also the only protocol that has been released as open-source software, whereas other bus-based safety solutions, e.g. PROFIsafe, Safety over EtherCAT, or CIP Safety, remain proprietary technology. openSAFETY has been made available under a BSD license.
A relatively late arrival on the scene[10], openSAFETY was first released in 2009. It is based on its immediate precursor technology, POWERLINK Safety, which was originally launched in 2007. openSAFETY won broad public attention in April 2010, when a presentation at the Hannover Messe trade show in Germany showcased four different implementations of the safety solution running in SERCOS III, Modbus TCP, EtherNet/IP and POWERLINK environments[11]. The public presentation and open-source release of the protocol were hotly debated, with strong reactions both in favor of and against the new solution, which prompted extensive reporting in the trade press.[12]
Following the major openSAFETY presentation in Hanover, proponents of the new solution gave lectures at other industry events as well, e.g. at TÜV Rheinland’s 9th International Symposium in Cologne, Germany, on 4-5 May, 2010. Speaking at this conference on Functional Safety in Industrial Applications, Stefan Schönegger of Austria’s Bernecker + Rainer Industrie-Elektronik Ges.m.b.H. (B&R), a co-creator and major advocate of openSAFETY, provided an introduction to key characteristics of the new protocol.[13] Reports on later gatherings indicate that the focus of presentations and discussions about the protocol soon shifted to specific implementation and applicability issues.[14][15]